CYBD210M: Operating System Artifacts

Program
Theory Hours 3 Lab Hours 3 Credits 4

This course explores advanced topics and forensic analysis of the various File System artifacts which could provide useful information leading toward malware detection and presentation of digital evidence for the court of law. Since file systems record every event of a system, forensic tools may be used to process information related to user environment, buffer overflows, trace conditions, network stack, etc. Prerequisites: CYBD100M, CIS102M, CIS103M.